aws-cdk: be able to change default settings for what resources to retain and destroy #28183
Comments
girotomas
added
feature-request
github-actions
bot
added
@aws-cdk/aws-redshift
|
I can take this, assuming the core team wants to support it. |
khushail
added
needs-review
p2
and removed
needs-triage
|
Love this idea! Before we have this feature, an alternative solution is to build a helper method like this and you should be able to control the removal policy of all or specific resources behind an array of constructs and you can control your own strategy in your code. Not fully tested but it works for me. export class DemoStack extends Stack {
constructor(scope: Construct, id: string, props: StackProps) {
super(scope, id, props);
}
protected addRemovalPolicy(removalPolicy: RemovalPolicy, children?: IConstruct[], ) {
(children ?? this.node.children).forEach((child) => {
if(CfnResource.isCfnResource(child)) {
child.applyRemovalPolicy(removalPolicy);
} else if (Construct.isConstruct(child)) {
this.addRemovalPolicy(removalPolicy, child.node.children)
}
});
};
protected addDestroyRemovalPolicy(children?: IConstruct[]) {
this.addRemovalPolicy(RemovalPolicy.DESTROY, children ?? this.node.children)
}
protected addRetainExceptOnCreateRemovalPolicy(children?: IConstruct[]) {
(children ?? this.node.children).forEach((child) => {
if(CfnResource.isCfnResource(child)) {
child.addOverride('DeletionPolicy', 'RetainExceptOnCreate')
} else if (Construct.isConstruct(child)) {
this.addRetainExceptOnCreateRemovalPolicy(child.node.children)
}
});
}
protected setRetainExceptOnCreateIfRetain(children?: IConstruct[]) {
(children ?? this.node.children).forEach((child) => {
if(CfnResource.isCfnResource(child)) {
if(child.cfnOptions.deletionPolicy == CfnDeletionPolicy.RETAIN) {
child.addOverride('DeletionPolicy', 'RetainExceptOnCreate')
}
} else if (Construct.isConstruct(child)) {
this.setRetainExceptOnCreateIfRetain(child.node.children)
}
});
}
} |
khushail
added
effort/medium
|
@msambol, this is something that I have thought about, and would like to support! However, I think the scope could be fairly large. I envision setting up rules that could edit defaults and/or simply set values that cannot later be changed. This seems like it needs some more serious design work, and would likely be implemented by our core team. If you would like to take a run at it, I would ask for some design ideas as well as some consideration of edge cases. If it is simply implementing the work around @pahud suggested, then it may be better to leave it up to the OP. But please share your thoughts! |
|
@scanlonp Feel free to drive this! I am starting a new gig soon so I'll have less time. But I'd like to follow the work because this will be interesting. 😄 |
|
@msambol this is not something I plan on doing in the near future, but can keep you looped in! |
scanlonp
added
@aws-cdk/core
|
Running into the same problem as well, however, I got it resolved by using CDK aspect import { CfnResource, IAspect, RemovalPolicy, App, Aspects, Stack } from "aws-cdk-lib";
import { IConstruct } from "constructs";
// This aspect set renmoval policy of all resources in a node to DESTROY
export class RemovalPolicyDestroyAspect implements IAspect {
visit(node: IConstruct): void {
if (CfnResource.isCfnResource(node)) {
// Can also check if resource is a DynamoDB Table or not as well
node.applyRemovalPolicy(RemovalPolicy.DESTROY);
}
}
}
const app = new App();
new Stack(app, "stack");
Aspects.of(app).add(new RemovalPolicyDestroyAspect());The above code set retention policy of all resources in stack to |
Describe the feature
Basically in cdk.json we add a new setting:
to change the default behavior of these resources.
Use Case
This allow us not to have to hardcode everywhere:
The main motivation is for Region Build Automation.
Disclosure: I work at AWS Redshift and we use extensively the aws-cdk. I've noticed that destroying failed stacks that got half created is a huge pain and consumption of time. There should be a easy way to set some setting that allows all resources to be deleted easily if the stack is not a production stack.
For example for new regions that don't yet serve production traffic you don't want to have a huge pain of deleting resources. You want to be able to delete those stacks easily and not to have to fight through all the "termination protection errors" and "this resource has to be deleted manually". This is really a productivity killer.
Proposed Solution
No response
Other Information
No response
Acknowledgements
CDK version used
v2
Environment details (OS name and version, etc.)
typescript amazon-linux
The text was updated successfully, but these errors were encountered: